Security researcher Mike Bailey released this screen shot showing that he gained access to McAfee Secure via a cross-site request forgery hole.

Security vulnerabilities on McAfee sites, including one designed to scan customers' sites for flaws, exposed certain customer accounts and could have been used for phishing attacks in which malware disguised as McAfee software could be distributed, security experts say.

McAfee said late on Tuesday that most of the vulnerabilities were fixed, excep...